On Fri, Sep 22, 2023 at 05:14:54AM -0700, Harshit Mogalapalli wrote:
Signed-off-by: Joe Perches joe@perches.com Link: https://lore.kernel.org/r/3d033c33056d88bbe34d4ddb62afd05ee166ab9a.160028592... Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org [Harshit: backport to 4.14.y -- regenerated the diff with the help of coccinelle script in driver/base/ directory.] Signed-off-by: Harshit Mogalapalli harshit.m.mogalapalli@oracle.com
Only compile tested. This fixes CVE-2022-20166. It is not clear whether the CVE was assigned for a demonstrated issue or just a theoretical one. In any case it's a good defensive measure against future patches that may introduce a real issue if they assume this patch is already there.
This is not needed in this kernel tree, so why are you attempting to add it?
And if you have questions about a CVE, as the entity that gave the cve out, they are responsible for it, not us!
thanks,
greg k-h